Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

upgrade all dependencies #1540

Merged
merged 1 commit into from
Sep 28, 2023
Merged

upgrade all dependencies #1540

merged 1 commit into from
Sep 28, 2023

Conversation

keithamus
Copy link
Member

This upgrades all dependencies in the 4.x branch to their latest non-breaking versions.

@keithamus keithamus requested a review from a team as a code owner September 28, 2023 08:16
@keithamus keithamus merged commit 0ccd823 into 4.x.x Sep 28, 2023
@keithamus keithamus deleted the upgrade-all-dependencies branch September 28, 2023 08:17
renovate bot referenced this pull request in trunk-io/trunk-action Sep 28, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai))
| [`4.3.9` ->
`4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.9/4.3.10) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/chai/4.3.9/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/chai/4.3.9/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>chaijs/chai (chai)</summary>

### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.9...v4.3.10)

This release simply bumps all dependencies to their latest non-breaking
versions.

#### What's Changed

- upgrade all dependencies by
[@&#8203;keithamus](https://togithub.com/keithamus) in
[https://github.com/chaijs/chai/pull/1540](https://togithub.com/chaijs/chai/pull/1540)

**Full Changelog**:
chaijs/chai@v4.3.9...v4.3.10

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/trunk-io/trunk-action).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi4xMDcuMiIsInVwZGF0ZWRJblZlciI6IjM2LjEwNy4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot referenced this pull request in runtime-env/import-meta-env Sep 30, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai))
| [`4.3.9` ->
`4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.9/4.3.10) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/chai/4.3.9/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/chai/4.3.9/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>chaijs/chai (chai)</summary>

### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.9...v4.3.10)

This release simply bumps all dependencies to their latest non-breaking
versions.

#### What's Changed

- upgrade all dependencies by
[@&#8203;keithamus](https://togithub.com/keithamus) in
[https://github.com/chaijs/chai/pull/1540](https://togithub.com/chaijs/chai/pull/1540)

**Full Changelog**:
chaijs/chai@v4.3.9...v4.3.10

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/iendeavor/import-meta-env).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi4xMDcuMiIsInVwZGF0ZWRJblZlciI6IjM2LjEwNy4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
kodiakhq bot referenced this pull request in erezrokah/aws-testing-library Oct 2, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai))
| [`4.3.8` ->
`4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.8/4.3.10) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/chai/4.3.8/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/chai/4.3.8/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>chaijs/chai (chai)</summary>

### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10)

[Compare
Source](https://togithub.com/chaijs/chai/compare/923d0a48fc59a910ecee37c85535379520a3e1b6...744a16e1cc4e8a9c6d4499e1e520a0bc4c80ec18)

This release simply bumps all dependencies to their latest non-breaking
versions.

#### What's Changed

- upgrade all dependencies by
[@&#8203;keithamus](https://togithub.com/keithamus) in
[https://github.com/chaijs/chai/pull/1540](https://togithub.com/chaijs/chai/pull/1540)

**Full Changelog**:
chaijs/chai@v4.3.9...v4.3.10

### [`v4.3.9`](https://togithub.com/chaijs/chai/releases/tag/v4.3.9)

[Compare
Source](https://togithub.com/chaijs/chai/compare/d9ff2c6d3e3f306b8b76e081cc892f42bf551b26...923d0a48fc59a910ecee37c85535379520a3e1b6)

Upgrade dependencies.

This release upgrades dependencies to address
**[CVE-2023-43646](https://www.cve.org/CVERecord?id=CVE-2023-43646)**
where a large function name can cause "catastrophic backtracking" (aka
ReDOS attack) which can cause the test suite to hang.

**Full Changelog**:
chaijs/chai@v4.3.8...v4.3.9

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/erezrokah/aws-testing-library).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjMiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
mattgodbolt referenced this pull request in compiler-explorer/compiler-explorer Oct 5, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai))
| [`^4.3.8` ->
`^4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.8/4.3.10) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/chai/4.3.8/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/chai/4.3.8/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>chaijs/chai (chai)</summary>

### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.9...v4.3.10)

This release simply bumps all dependencies to their latest non-breaking
versions.

#### What's Changed

- upgrade all dependencies by
[@&#8203;keithamus](https://togithub.com/keithamus) in
[https://github.com/chaijs/chai/pull/1540](https://togithub.com/chaijs/chai/pull/1540)

**Full Changelog**:
chaijs/chai@v4.3.9...v4.3.10

### [`v4.3.9`](https://togithub.com/chaijs/chai/releases/tag/v4.3.9)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.8...v4.3.9)

Upgrade dependencies.

This release upgrades dependencies to address
**[CVE-2023-43646](https://www.cve.org/CVERecord?id=CVE-2023-43646)**
where a large function name can cause "catastrophic backtracking" (aka
ReDOS attack) which can cause the test suite to hang.

**Full Changelog**:
chaijs/chai@v4.3.8...v4.3.9

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 8pm on monday" in timezone
America/Chicago, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/compiler-explorer/compiler-explorer).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjMiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
sammcj referenced this pull request in sammcj/github-app-installation-token Oct 27, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[@actions/core](https://togithub.com/actions/toolkit/tree/main/packages/core)
([source](https://togithub.com/actions/toolkit)) | [`1.10.0` ->
`1.10.1`](https://renovatebot.com/diffs/npm/@actions%2fcore/1.10.0/1.10.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@actions%2fcore/1.10.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@actions%2fcore/1.10.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@actions%2fcore/1.10.0/1.10.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@actions%2fcore/1.10.0/1.10.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai))
| [`4.3.7` ->
`4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.7/4.3.10) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/chai/4.3.7/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/chai/4.3.7/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [jsonwebtoken](https://togithub.com/auth0/node-jsonwebtoken) |
[`9.0.0` ->
`9.0.2`](https://renovatebot.com/diffs/npm/jsonwebtoken/9.0.0/9.0.2) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/jsonwebtoken/9.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/jsonwebtoken/9.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/jsonwebtoken/9.0.0/9.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/jsonwebtoken/9.0.0/9.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [prettier](https://prettier.io)
([source](https://togithub.com/prettier/prettier)) | [`2.8.7` ->
`2.8.8`](https://renovatebot.com/diffs/npm/prettier/2.8.7/2.8.8) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/prettier/2.8.8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/prettier/2.8.8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/prettier/2.8.7/2.8.8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/prettier/2.8.7/2.8.8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>actions/toolkit (@&#8203;actions/core)</summary>

###
[`v1.10.1`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#1101)

- Fix error message reference in oidc utils
[#&#8203;1511](https://togithub.com/actions/toolkit/pull/1511)

</details>

<details>
<summary>chaijs/chai (chai)</summary>

### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.9...v4.3.10)

This release simply bumps all dependencies to their latest non-breaking
versions.

#### What's Changed

- upgrade all dependencies by
[@&#8203;keithamus](https://togithub.com/keithamus) in
[https://github.com/chaijs/chai/pull/1540](https://togithub.com/chaijs/chai/pull/1540)

**Full Changelog**:
chaijs/chai@v4.3.9...v4.3.10

### [`v4.3.9`](https://togithub.com/chaijs/chai/releases/tag/v4.3.9)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.8...v4.3.9)

Upgrade dependencies.

This release upgrades dependencies to address
**[CVE-2023-43646](https://www.cve.org/CVERecord?id=CVE-2023-43646)**
where a large function name can cause "catastrophic backtracking" (aka
ReDOS attack) which can cause the test suite to hang.

**Full Changelog**:
chaijs/chai@v4.3.8...v4.3.9

### [`v4.3.8`](https://togithub.com/chaijs/chai/releases/tag/v4.3.8)

[Compare
Source](https://togithub.com/chaijs/chai/compare/v4.3.7...v4.3.8)

#### What's Changed

- 4.x.x: Fix link to commit logs on GitHub by
[@&#8203;bugwelle](https://togithub.com/bugwelle) in
[https://github.com/chaijs/chai/pull/1487](https://togithub.com/chaijs/chai/pull/1487)
- build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/chaijs/chai/pull/1488](https://togithub.com/chaijs/chai/pull/1488)
- Small typo in test.js by
[@&#8203;mavaddat](https://togithub.com/mavaddat) in
[https://github.com/chaijs/chai/pull/1459](https://togithub.com/chaijs/chai/pull/1459)
- docs: specify return type of objDisplay by
[@&#8203;scarf005](https://togithub.com/scarf005) in
[https://github.com/chaijs/chai/pull/1490](https://togithub.com/chaijs/chai/pull/1490)
- Update CONTRIBUTING.md by
[@&#8203;matheus-rodrigues00](https://togithub.com/matheus-rodrigues00)
in
[https://github.com/chaijs/chai/pull/1521](https://togithub.com/chaijs/chai/pull/1521)
- Fix: update exports.version to current version by
[@&#8203;peanutenthusiast](https://togithub.com/peanutenthusiast) in
[https://github.com/chaijs/chai/pull/1534](https://togithub.com/chaijs/chai/pull/1534)

#### New Contributors

- [@&#8203;bugwelle](https://togithub.com/bugwelle) made their first
contribution in
[https://github.com/chaijs/chai/pull/1487](https://togithub.com/chaijs/chai/pull/1487)
- [@&#8203;mavaddat](https://togithub.com/mavaddat) made their first
contribution in
[https://github.com/chaijs/chai/pull/1459](https://togithub.com/chaijs/chai/pull/1459)
- [@&#8203;scarf005](https://togithub.com/scarf005) made their first
contribution in
[https://github.com/chaijs/chai/pull/1490](https://togithub.com/chaijs/chai/pull/1490)
-
[@&#8203;matheus-rodrigues00](https://togithub.com/matheus-rodrigues00)
made their first contribution in
[https://github.com/chaijs/chai/pull/1521](https://togithub.com/chaijs/chai/pull/1521)
- [@&#8203;peanutenthusiast](https://togithub.com/peanutenthusiast) made
their first contribution in
[https://github.com/chaijs/chai/pull/1534](https://togithub.com/chaijs/chai/pull/1534)

**Full Changelog**:
chaijs/chai@v4.3.7...v4.3.8

</details>

<details>
<summary>auth0/node-jsonwebtoken (jsonwebtoken)</summary>

###
[`v9.0.2`](https://togithub.com/auth0/node-jsonwebtoken/blob/HEAD/CHANGELOG.md#902---2023-08-30)

[Compare
Source](https://togithub.com/auth0/node-jsonwebtoken/compare/v9.0.1...v9.0.2)

- security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes
[#&#8203;921](https://togithub.com/auth0/node-jsonwebtoken/issues/921).
- refactor: reduce library size by using lodash specific dependencies,
closes
[#&#8203;878](https://togithub.com/auth0/node-jsonwebtoken/issues/878).

###
[`v9.0.1`](https://togithub.com/auth0/node-jsonwebtoken/blob/HEAD/CHANGELOG.md#901---2023-07-05)

[Compare
Source](https://togithub.com/auth0/node-jsonwebtoken/compare/v9.0.0...v9.0.1)

-   fix(stubs): allow decode method to be stubbed

</details>

<details>
<summary>prettier/prettier (prettier)</summary>

###
[`v2.8.8`](https://togithub.com/prettier/prettier/blob/HEAD/CHANGELOG.md#288)

[Compare
Source](https://togithub.com/prettier/prettier/compare/2.8.7...2.8.8)

This version is a republished version of v2.8.7.
A bad version was accidentally published and [it can't be
unpublished](https://togithub.com/npm/cli/issues/1686), apologies for
the churn.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/sammcj/github-app-installation-token).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS42Mi4wIiwidXBkYXRlZEluVmVyIjoiMzcuMC4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Woodpile37 added a commit to Woodpile37/EIPs that referenced this pull request Nov 4, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade chai from
4.3.6 to 4.3.10.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **a month ago**, on 2023-09-28.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>chai</b></summary>
    <ul>
      <li>
<b>4.3.10</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.10">2023-09-28</a></br><p>This
release simply bumps all dependencies to their latest non-breaking
versions.</p>
<h2>What's Changed</h2>
<ul>
<li>upgrade all dependencies by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/keithamus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/keithamus">@ keithamus</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1916961847" data-permission-text="Title is private"
data-url="chaijs/chai#1540"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1540/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1540">#1540</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.9...v4.3.10"><tt>v4.3.9...v4.3.10</tt></a></p>
      </li>
      <li>
<b>4.3.9</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.9">2023-09-27</a></br><p>Upgrade
dependencies.</p>
<p>This release upgrades dependencies to address <strong><a
href="https://www.cve.org/CVERecord?id=CVE-2023-43646"
rel="nofollow">CVE-2023-43646</a></strong> where a large function name
can cause "catastrophic backtracking" (aka ReDOS attack) which can cause
the test suite to hang.</p>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.8...v4.3.9"><tt>v4.3.8...v4.3.9</tt></a></p>
      </li>
      <li>
<b>4.3.8</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.8">2023-08-24</a></br><h2>What's
Changed</h2>
<ul>
<li>4.x.x: Fix link to commit logs on GitHub by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bugwelle/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bugwelle">@ bugwelle</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1442318999" data-permission-text="Title is private"
data-url="chaijs/chai#1487"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1487/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1487">#1487</a></li>
<li>build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by <a
class="user-mention notranslate" data-hovercard-type="organization"
data-hovercard-url="/orgs/dependabot/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/dependabot">@ dependabot</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1442803192" data-permission-text="Title is private"
data-url="chaijs/chai#1488"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1488/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1488">#1488</a></li>
<li>Small typo in test.js by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/mavaddat/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/mavaddat">@ mavaddat</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1154733117" data-permission-text="Title is private"
data-url="chaijs/chai#1459"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1459/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1459">#1459</a></li>
<li>docs: specify return type of objDisplay by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/scarf005/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/scarf005">@ scarf005</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1476032440" data-permission-text="Title is private"
data-url="chaijs/chai#1490"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1490/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1490">#1490</a></li>
<li>Update CONTRIBUTING.md by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/matheus-rodrigues00/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/matheus-rodrigues00">@
matheus-rodrigues00</a> in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1732701131"
data-permission-text="Title is private"
data-url="chaijs/chai#1521"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1521/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1521">#1521</a></li>
<li>Fix: update exports.version to current version by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/peanutenthusiast/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/peanutenthusiast">@
peanutenthusiast</a> in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1864098264"
data-permission-text="Title is private"
data-url="chaijs/chai#1534"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1534/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1534">#1534</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bugwelle/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bugwelle">@ bugwelle</a> made
their first contribution in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1442318999"
data-permission-text="Title is private"
data-url="chaijs/chai#1487"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1487/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1487">#1487</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/mavaddat/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/mavaddat">@ mavaddat</a> made
their first contribution in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1154733117"
data-permission-text="Title is private"
data-url="chaijs/chai#1459"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1459/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1459">#1459</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/scarf005/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/scarf005">@ scarf005</a> made
their first contribution in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1476032440"
data-permission-text="Title is private"
data-url="chaijs/chai#1490"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1490/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1490">#1490</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/matheus-rodrigues00/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/matheus-rodrigues00">@
matheus-rodrigues00</a> made their first contribution in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1732701131" data-permission-text="Title is private"
data-url="chaijs/chai#1521"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1521/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1521">#1521</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/peanutenthusiast/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/peanutenthusiast">@
peanutenthusiast</a> made their first contribution in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1864098264" data-permission-text="Title is private"
data-url="chaijs/chai#1534"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1534/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1534">#1534</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.7...v4.3.8"><tt>v4.3.7...v4.3.8</tt></a></p>
      </li>
      <li>
<b>4.3.7</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.7">2022-11-07</a></br><h2>What's
Changed</h2>
<ul>
<li>fix: deep-eql bump package to support symbols comparison by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/snewcomer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/snewcomer">@ snewcomer</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1438632532" data-permission-text="Title is private"
data-url="chaijs/chai#1483"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1483/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1483">#1483</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.6...v4.3.7"><tt>v4.3.6...v4.3.7</tt></a></p>
      </li>
      <li>
<b>4.3.6</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.6">2022-01-26</a></br><p>Update
loupe to 2.3.1</p>
      </li>
    </ul>
from <a href="https://snyk.io/redirect/github/chaijs/chai/releases">chai
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>chai</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/744a16e1cc4e8a9c6d4499e1e520a0bc4c80ec18">744a16e</a>
4.3.10</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/0ccd823cb3ee6a433156c4e23cc67de79d4f368d">0ccd823</a>
upgrade all dependencies (ethereum#1540)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/923d0a48fc59a910ecee37c85535379520a3e1b6">923d0a4</a>
4.3.9</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/1a0f8872711f64b8353c30ebcfdf0ceeab404bab">1a0f887</a>
make</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/a141e5739ab32ae579cd2df2eb745dbf1375ac27">a141e57</a>
upgrade deps</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/d9ff2c6d3e3f306b8b76e081cc892f42bf551b26">d9ff2c6</a>
4.3.8</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/8d3205b27e706f188f1c4f548d23b989eb60a0db">8d3205b</a>
build</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/b351dc09440e87917f25daa8d49dfb8866efc704">b351dc0</a>
Fix: update exports.version to current version (ethereum#1534)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/1a8247f30dbe0f54268a9748ae673caec75d6bfe">1a8247f</a>
Update CONTRIBUTING.md (ethereum#1521)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/3a8c49a70733ac7f4570925415e9a8544e2ee1c3">3a8c49a</a>
docs: specify return type of objDisplay (ethereum#1490)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/b45512409768514aac931a54da628adf2d27a934">b455124</a>
test: fix typo in test.js (ethereum#1459)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/98f42337562429353e829ebc4f85a00622087fce">98f4233</a>
build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 (ethereum#1488)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/acd16e0033591d849b82f0700fd223072ebf420c">acd16e0</a>
chore: 4.x.x: Fix link to commit logs on GitHub (ethereum#1487)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/3c947a7f33b021730ea68a52bd15712fe57134be">3c947a7</a>
build</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/775f50958422278933db6efefa1ec2526191e632">775f509</a>
4.3.7</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/8e780b44f321056c960f00b94b4c2aefa3392c21">8e780b4</a>
fix: deep-eql bump package to support symbols comparison (ethereum#1483)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/chaijs/chai/compare/529b8b527ba99454471ac67d6aebca9d96cb5dd9...744a16e1cc4e8a9c6d4499e1e520a0bc4c80ec18">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkMDQzOThiZC0wYzlmLTQyMmEtOGEyZi0yNTQ2NDNjMDY2MDMiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQwNDM5OGJkLTBjOWYtNDIyYS04YTJmLTI1NDY0M2MwNjYwMyJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14/settings/integration?pkg&#x3D;chai&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"d04398bd-0c9f-422a-8a2f-254643c06603","prPublicId":"d04398bd-0c9f-422a-8a2f-254643c06603","dependencies":[{"name":"chai","from":"4.3.6","to":"4.3.10"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"3a4e6031-90ad-4f6e-a8f2-e52f97555f14","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-09-28T09:50:37.566Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant